All, Thank you to all of you who have been contributing to this discussion.
I do not yet feel comfortable with approving this request to include the 'ComSign Global Root CA' root certificate, and enable the Websites and Email trust bits. My understanding is that this root certificate is included in both the Apple and Microsoft root stores and trusted for TLS, so regardless of what Mozilla's wiki pages say, it is a publicly trusted root certificate and should be meeting all of the requirements of the CA/Browser Forum's Baseline Requirements. Therefore, my inclination is to put this discussion on hold until a full BR audit has been performed, and the audit statement provided. Thanks, Kathleen _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
